Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Active Directory Administration Tasks And Tools Active Directory Administration Tasks Active Directory Administrative Tools Using Microsoft Management.

Published byDora Chapman Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Active Directory Administration Tasks And Tools Active Directory Administration Tasks Active Directory Administrative Tools Using Microsoft Management."— Presentation transcript:

1 1 Active Directory Administration Tasks And Tools Active Directory Administration Tasks Active Directory Administrative Tools Using Microsoft Management Consoles Using Task Scheduler

2 2 Active Directory Administrative Tasks Microsoft Windows 2000 Active Directory Administrative Tasks

3 3 Administrative Categories Configuring Active Directory Administering users and groups Securing network resources Administering Active Directory Administering the desktop computing environment Securing Active Directory Managing Active Directory performance Installing Windows 2000 remotely

4 4 Active Directory Administrative Tools Other Active Directory Administrative Tools The Microsoft Management Console (MMC) Console Tree and Details Pane Snap-Ins Console Options Author Mode

5 5 Administrative Tools Menu Active Directory Domains and Trusts console Active Directory Sites and Services console Active Directory Users and Computers console

6 6 Active Directory Domains and Trusts Console Assists management of trust relationships between domains Windows 2000 domains in the same or different forests. Pre-Windows 2000 domains. Kerberos V5 realms. Use the Active Directory Domains and Trusts console to Provide interoperability with other domains by managing explicit domain trusts. Change the mode of operation of a Windows 2000 domain from mixed mode to native mode. Add and remove alternative user principal name (UPN) suffixes used to create user logon names. Transfer the domain naming operations master role from one domain controller to another. Provide information about domain management.

7 7 Active Directory Sites and Services Console Publish sites to Active Directory to provide information about the physical structure of a network. Active Directory uses this information to determine how to replicate directory information and handle service requests.

8 8 Active Directory Users and Computers Console Adds, modifies, deletes, and organizes Windows 2000 user accounts, computer accounts, security and distribution groups, and published resources in the organization’s directory Manages domain controllers and OUs

9 9 Other Support Tools Active Directory Schema Snap-In Active Directory Support Tools

10 10 Support Tools (MMC Snap-In) ADSI Edit Used to view all objects in the directory, modify objects, and set ACLs on objects. SIDwalker: Security Administration Tools Consists of three separate programs. SHOWACCS.EXE and SIDWALK.EXE are command-line tools for examining and changing access control entries. Security Migration Editor is an MMC snap-in tool for editing mapping between old and new security IDs (SIDs).

11 11 Support Tools (GUI) LDP.EXE: Active Directory Administration Tool Allows LDAP operations to be performed against Active Directory REPLMON.EXE: Active Directory Replication Monitor Displays replication topology, monitors replication status, forces replication events, and recalculates knowledge consistency checker

12 12 Support Tools (Command Line) ACLDIAG.EXE: ACL Diagnostics DFSUTIL.EXE: Distributed File System Utility DNSCMD.EXE: DNS Server Troubleshooting Tool DSACLS.EXE: View or modify the ACL of objects in Active Directory DSASTAT.EXE: Active Directory Diagnostic Tool MOVETREE.EXE: Active Directory Object Manager NETDOM.EXE: Windows 2000 Domain Manager NLTEST.EXE: Provides information about trusts and replication REPADMIN.EXE: Replication Diagnostics Tool SDCHECCK.EXE: Security Descriptor Check Utility

13 13 Active Directory Service Interfaces (ADSI) Provides a simple, powerful, object-oriented interface to Active Directory Makes it easy for programmers and administrators to create programs utilizing directory services by using high-level tools without having to worry about the underlying differences between the different namespaces Fully programmable automation object for use by administrators Provides the ability to build or buy programs that give a single point of access to multiple directories in a network environment, whether those directories are based on LDAP or another protocol

14 14 The Microsoft Management Console (MMC) Used to create, save, and open collections of administrative tools. Does not provide management functions itself, but is the program that hosts management applications called snap-ins. Uses snap-ins to perform one or more administrative tasks. Preconfigured MMCs contain commonly used snap-ins, which appear on the Administrative Tools menu. Custom MMCs are created to perform a unique set of administrative tasks. Preconfigured and custom MMCs can be used for remote administration.

15 15 Preconfigured MMCs Contain one or more snap-ins that provide the functionality to perform a related set of administrative tasks. Function in User mode; unable to modify, save, or add additional snap-ins. Windows 2000 Server and Windows 2000 Professional have different preconfigured MMCs. Added by Windows 2000 when additional components are installed.

16 16 Typical Preconfigured MMCs are Available for Windows 2000 Professional, Windows 2000 Server stand-alone server, and Windows 2000 Server domain controllers Windows 2000 Server stand-alone server and domain controllers Windows 2000 Server domain controllers only Windows 2000 Professional and Windows 2000 Server stand- alone server

17 17 Windows 2000 Professional, Windows 2000 Server Stand-Alone Server, and Windows 2000 Server Domain Controllers Component Services Computer Management Data Sources (ODBC) Event Viewer Performance Services

18 18 Windows 2000 Server Stand-Alone Server and Domain Controllers Configure Your Server Distributed File System Internet Services Manager Licensing Routing and Remote Access Server Extensions Administrator Telnet Server Administration

19 19 Domain Controllers Only Active Directory Domains and Trusts Active Directory Sites and Services Active Directory Users and Computers Dynamic Host Configuration Protocol (DHCP) Domain Name System (DNS) Domain controller Security Policy Domain Security Policy

20 20 Professional and Server Stand-Alone Server Local Security Policy

21 21 Sample MMC

22 22 Snap-Ins and Extensions

23 23 Stand-Alone Snap-Ins Usually referred to simply as snap-ins Used to perform Windows 2000 administrative tasks Provide one function or a related set of functions

24 24 Extension Snap-Ins Referred to simply as extensions. Provide additional administrative functionality to another snap- in. Designed to work with one or more stand-alone snap-ins. Windows 2000 displays only extensions that are compatible with the stand-alone snap-in and places them in the appropriate location. When a snap-in is added to a console, MMC adds all available extensions by default. Extensions can be added to multiple snap-ins. Some stand-alone snap-ins can use extensions that provide additional functionality. Some snap-ins can act as a snap-in or an extension.

25 25 Console Options Author Mode Full access to all MMC functionality Adds or removes snap-ins Creates new windows Views all portions of the console tree Saves MMCs

26 26 Console Options User Mode Users cannot add or remove snap-ins, or save the MMC. Three types of user modes allow different levels of access and functionality: Full Access Limited Access, Multiple Windows Limited Access, Single Window

27 27 Using MMCs Using Preconfigured MMCs Using Custom MMCs Using MMCs for Remote Administration Practice: Using Microsoft Management Console

28 28 Options on the MMC Console Menu New: Create a new custom MMC console Open: Use a saved MMC console Save or Save As: Use the MMC console later Add/Remove Snap-In: Add or remove one or more snap-ins and their associated extensions to or from an MMC console Options: Configure the console mode and create a custom MMC console

29 29 Using MMCs for Remote Administration Snap-in for remote administration can be set up when a custom MMC is created. Remote administration allows administrative tasks to be performed from any location. The design of each snap-in dictates whether or not it can be used for remote administration. You must use specific snap-ins designed for remote administration. If the snap-in is available for remote administration, Windows 2000 prompts for the target computer to administer. The Windows 2000 Administration Tools Setup Wizard is simply a means for loading administrative tools to a remote machine.

30 30 Using Task Scheduler Introduction to Task Scheduler Practice: Using Task Scheduler

31 31 Scheduled Task Wizard

32 32 Task Scheduler Scheduled tasks are saved in the Scheduled Tasks folder in the Control Panel folder in My Computer and on the Accessories, System Tools menu. Access scheduled tasks on another computer by browsing that computer’s resources using My Network Places; allows tasks to be moved from one computer to another. Use Task Scheduler to Run maintenance utilities at specific intervals. Run programs when there is less demand for computer resources.

33 33 Scheduled Task Wizard Options Program to run: The applications to be scheduled Task name: A descriptive name for the task Frequency: How often Windows 2000 will perform the task Time and date: Start time and start date for the task to occur Name and password: User name and password; application will run under the security settings for this user account Advanced properties: Select this check box to display the Advanced Properties dialog box after clicking Finish

34 34 Scheduled Task Wizard Advanced Properties Task: Change the scheduled task, add parameters, or change the user account Schedule: Set and display multiple schedules for the same task Settings: Set options that can delete or stop a task, start or stop a task based on idle or non-idle time, start or stop a task if a computer is running on batteries, and wake the computer to run a task Security: Change the list of users and groups that have permission to perform the task, or change the permissions for a specific user or group

Download ppt "1 Active Directory Administration Tasks And Tools Active Directory Administration Tasks Active Directory Administrative Tools Using Microsoft Management."

Similar presentations

By Rashid Khan Lesson 5-Directory Assistance: Administration Using Active Directory Users and Computers.

By Rashid Khan Lesson 5-Directory Assistance: Administration Using Active Directory Users and Computers.
Lesson 17: Configuring Security Policies

Lesson 17: Configuring Security Policies
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
6.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

6.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
9.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
70-270, 70-290 MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Thirteen Performing Network.

70-270, MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Thirteen Performing Network.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 10: Server Administration.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 10: Server Administration.
1 Chapter 1 Introduction to Windows Server 2003. 2 Two main goals for Net Admin Make network resources available to users Files, folders, printers, etc.

1 Chapter 1 Introduction to Windows Server Two main goals for Net Admin Make network resources available to users Files, folders, printers, etc.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.

Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.
Administering Active Directory

Administering Active Directory
Hands-On Microsoft Windows Server 2003 Administration Chapter 1 Windows Server 2003 Network Administration.

Hands-On Microsoft Windows Server 2003 Administration Chapter 1 Windows Server 2003 Network Administration.
By Rashid Khan Lesson 4-Preparing to Serve: Understanding Microsoft Networking.

By Rashid Khan Lesson 4-Preparing to Serve: Understanding Microsoft Networking.
Hands-On Microsoft Windows Server 2003 Chapter 2 Installing Windows Server 2003, Standard Edition.

Hands-On Microsoft Windows Server 2003 Chapter 2 Installing Windows Server 2003, Standard Edition.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
7.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
11 WORKING WITH COMPUTER ACCOUNTS Chapter 8. Chapter 8: WORKING WITH COMPUTER ACCOUNTS2 CHAPTER OVERVIEW  Describe the process of adding a computer to.

11 WORKING WITH COMPUTER ACCOUNTS Chapter 8. Chapter 8: WORKING WITH COMPUTER ACCOUNTS2 CHAPTER OVERVIEW  Describe the process of adding a computer to.

Similar presentations

Ads by Google